How severe is CVE-2025-43699?

CVE-2025-43699 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2025-43699

5.3MEDIUM

Client-Side Enforcement of Server-Side Security vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of required permission check. This impacts OmniStudio: before Spring 2025

Published: 6/10/2025Updated: 6/18/2025

Description

Client-Side Enforcement of Server-Side Security vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of required permission check. This impacts OmniStudio: before Spring 2025

AI AnalysisPowered by AI

References

https://help.salesforce.com/s/articleView?id=004980323&type=1